Embed Size (px)
Citation preview
Open here for the ultimate Microsoft resource guide for IT Professionals andDevelopers<
A WIRELESS VISION: ANYTIME, ANYWHERE
COMPUTING
SKILLS AND TRAINING: FINDING THE RIGHT BLEND
INTEGRATING THIRD-PARTY WEB SERVICES
SOFTWAREASSURANCE
SECURITYPATCHES
+PLUS
TEC
HN
OLO
GY
MICROSOFT TECHNOLOGYDEPLOYMENT
ISSUE 4 JUNE 2003
DYNAMICCOMPUTINGTAKING THE STRAIN OUT OF DATA MANAGEMENT
DYNAMICCOMPUTING
1June 2003
i Executive editor: Jo Russell Editor: Gary Eastwood Commissioning editor: Phil
Jones Creative director: Crispian Brown Art editor: Erroll Jones Picture editor:
Rachel James Deputy picture editor: Rachel Curry Account director: Ingrid von
Bibra Production director: Andrea St Hill Editorial director: Stuart Rock
Publisher: Mike Bokaie
FYi is published for Microsoft Limited by Caspian Publishing Limited, Millbank
Tower, Millbank, London SW1P 4QP. General enquiries: 020 7828 0706
Editorial: 020 7828 0744 Fax 020 7828 0737
E-mail: [email protected] www.caspianpublishing.co.uk
The views expressed in this magazine are those of the contributors for which
Caspian Publishing and Microsoft Limited accept no responsibility. Readers should
take appropriate professional advice before acting on any issue raised.
Reproduction in whole or in part without written permission is strictly prohibited.
Repro by Blaze Creative. Printed by TPL Printers (UK)
© 2003 Microsoft Corporation. All rights reserved. Microsoft, the Microsoft logo,
Outlook, Windows, Visual Studio, Windows Server, Active Directory, Sharepoint,
Microsoft Press, MapPoint and InfoPath are either registered trademarks or
trademarks of the Microsoft Corporation in the United States and/or other
countries. All other trademarks are held by their respective companies.
COVER PHOTOGRAPHY: WILL WEBSTER
DESIGNS FOR THE FUTURE 10-11
“Once the Windows Server 2003
upgrade is complete, we plan to
move over to Exchange 2003 ”LEE BINGHAM, IT DIRECTOR, PAUL SMITH, ON WINDOWS SERVER 2003 AS A PLATFORM FOR THE FUTURE
IN-BOX 2-5“What is the best way to share an internet connection among remote office users using
Windows XP?”
The Clinic responds to this and other problems and questions.
A WIRELESS VISION: ANYTIME, ANYWHERE COMPUTING 6-7“Developing applications for mobile devices will be a whole new ball game with thousands
of new entrants designing software across a variety of devices.”
Robbie Ray Wright, EMEA director for mobile devices at Microsoft EMEA, discusses Microsoft’s
vision of a wireless future, and what that means for the Microsoft developer community.
WINDOWS SERVER 2003: A STRONG FOUNDATION 8-9“Our aim is to make life easier for disabled people.”
David McGregor, IT director, Queen Elizabeth Foundation, on how the forward-thinking charity is
using Windows Server 2003 to improve efficiency.
TRAINING AND CERTIFICATION: A PLATFORM FOR LEARNING 12-13“With many organisations adopting .NET, they need to look at their developers in that
environment so they are better equipped to leverage that platform.”
How to get the right blend of “real world” experience and technical knowledge.
WINDOWS SERVER 2003: DYNAMIC COMPUTING 14-16“There simply aren’t enough people around to manage or operate the type of data centre
world we have today.”
Michael Emanuel, senior product manager for Microsoft’s enterprise management division,
discusses the role of the Dynamic Systems Initiative in building the data centre of the future.
LICENSING: SOFTWARE ASSURANCE 17“Microsoft has done a lot of work with customers and partners to make Software Assurance
more valuable to them.”
Sue Hogg outlines Microsoft’s work to make Software Assurance more valuable to customers.
WEB SERVICES: NOTHING TO FEAR 18-19“IT professionals are accustomed to running web sites. This really is the same thing as
administering a web service.”
Ivo Salmre, Microsoft UK product manager for .NET developer technology, demystifies web services.
SECURITY PATCHES: THE RANT 20“Where the virus is significant, such as Slammer, we have destroyed all SQL evaluation
software and replaced it with protected copies.”
Stuart Okin, chief security officer at Microsoft UK, responds to a user “rant” on security patches.
TEC
HN
OLO
GY
SHORTCUTS
To feedback your comments on FYI Technology or amend your sub-scription details, please go to www.microsoft.com/uk/fyitechnology
Q
2 FYITECHNOLOGY
ON PREVENTING AN EXCHANGE 2000
SERVER FROM BEING USED AS A
MAIL RELAY:
Q: WE RECENTLY DISCOVERED THAT OUR
EXCHANGE 2000 SERVER HAD BEEN HACKED
AND USED AS AN E-MAIL RELAY BY A
SPAMMER. WE HAVE MANY HOME USERS AND
SEVERAL OUTLYING OFFICES WHICH DEPEND
ON THE SERVER TO PROVIDE RELAY SERVICES.
HOW CAN WE PREVENT FURTHER ATTACKS?
RESPONSE: By default Exchange 2000
does not allow unauthenticated users to
relay through the server. So problems like
this one usually stem from incorrectly
reconfiguring relay restrictions, making it
possible for unauthenticated users to
access the relay features. The solution is to
go back and tighten up relay restrictions.
First, start Exchange System
Manager. Expand the Organisation_name
object, and then expand the Servers
node. Expand the Server_name object of
the server on which you want to prevent
mail relay, and then expand the Protocols
node. Now expand the SMTP node, right-
click the virtual SMTP server, on which
you want to prevent mail relay, and then
click Properties. Click the Access tab, and
then click Relay.
You are now looking at the Relay
Restriction dialog box. The ‘Only the list
below’ option is turned on, and by default
that list will be empty. The ‘Allow all com-
puters which successfully authenticate to
relay, regardless of the list above’ option
is also turned on. This permits users and
computers that can authenticate with the
server to relay through the server. A
hacker might try and change this setting
➔➔ iN-BOX
UPDATEMOBILITY RESOURCESDo you need help extending messaging platforms to mobile clients? Are
you struggling to decide which mobile device is appropriate for your
users? Microsoft has produced a technical guide to help you get started
on mobile messaging projects. The practical hands-on paper provides
advice on: how to migrate Microsoft® Exchange Servers; what products
and services you need to manage and connect mobile devices through
mobile operator networks securely; what makes a great user experience.
To download this resource, visit:
www.microsoft.com/technet/treeview/default.asp?url=/technet/
itsolutions/mobile/default.asp
Microsoft’s ‘Guide to Mobility’ is also now available. The guide presents
a route through the maze of mobile solutions, from Windows XP to
mobile devices. Customers can find out more about featured partners
and can register for Microsoft and partner events through to July.
For further information, please visit:
www.microsoft.com/uk/mobile
ACCELERATED SUCCESSToday’s job market is more competitive than ever and fast-changing
technology creates a high demand for qualified professionals to help
organisations keep pace and flourish. If you are an IT professional or a
software developer, businesses need your skills now, and certification
can help to demonstrate your technical expertise in Microsoft technolo-
gies to employers, clients and peers, as well as keep your career moving
ahead. With the developer community expected to grow 48 per cent by
the end of 2003, professional certification can be a key way to validate
skills and advance on-the-job skills. Microsoft’s new MCAD/MCSD self-
paced training kits deliver real-world developer training for training on
the job and for certification exams. The kits now feature comprehensive
exam preparation content in addition to interactive exercises, skill
assessments, lesson reviews and summaries. For further information
about the kits for developers and IT professionals, visit:
www.microsoft.com/mspress/certification or
www.microsoft.com/mspress/uk
LAST CALL FOR TECH ED 2003Microsoft will be celebrating the 10th anniversary of Tech Ed in Europe
this year. Held in Barcelona, Spain, between June 30 and July 4 the
conference provides an opportunity for IT professionals to immerse
themselves in the latest Microsoft technologies, platforms and tools.
To register online for the event, before June 30, visit:
www.microsoft.com/europe/teched/home.asp
QUESTIONS TO THE CLINIC >>>>
3June 2003
to allow anonymous access or an
authorised user could exploit this setting
to use relay services.
To tighten this up, click Add. You can
now permit a single computer, a group of
computers, or a whole domain to relay
through the server by making the appro-
priate selection in the Computer dialog
box. Allowing access by IP address or
domain name is helpful for users who do
not authenticate with the Exchange server
(for example, in an internet service
provider [ISP] implementation).
When you have finished stipulating
which specific computers, addresses or
domains can now access relay services,
click OK in the Relay Restrictions dialog
box, click Apply, and then click OK in the
Default SMTP Virtual Server Properties
dialog box. You should now have much
tighter control over relay services, and a
better idea of who, if anyone, may be
abusing their privileges.
ON DEALING WITH PERSISTENT
REGISTRATIONS REQUESTS IN OFFICE
Q: COPIES OF MICROSOFT OFFICE HAVE
RECENTLY BEGUN PERSISTENTLY DEMAND-
ING WE REGISTER THEM, EVEN THOUGH
THIS HAS ALREADY BEEN DONE. HOW CAN
WE SWITCH THIS OFF?
RESPONSE: This problem has emerged
since 15 April this year, when some
copies of Office began prompting users to
register, even if they have already, or if
they are not users that would normally be
expected to do so. It can persist even
after installation of Service Pack 3 (SP-3).
Two patches are available that cure the
problem, depending on whether users are
currently on SR-1/1a & 2 and one for
users patched to SP-3.
However, applying the patches can be
problematic and should only be attempt-
ed by Microsoft Support Professionals, or
others with the appropriate expertise. A
fuller description of what is involved, and
who should do it can be found at the
Microsoft Knowledge Base. Look for
article 818798 at:
http://support.microsoft.com/?id=818798
ON UPGRADING FROM OUTLOOK®
EXPRESS TO OUTLOOK 2002
Q: WE ARE PREPARING TO MOVE TO
OUTLOOK 2002. WHAT IS THE SIMPLEST WAY
OF MIGRATING OUR EXISTING OUTLOOK
EXPRESS ACCOUNTS SETTINGS, MESSAGES
AND ADDRESSES TO THE NEW PRODUCT.
RESPONSE: There are three simple
processes involved in this migration. Begin
by importing Outlook Express account set-
tings using Import and Export in the
Outlook 2002 File Menu. Click Import
Internet Mail Account Settings, then next,
then Outlook Express. Make sure that the
name displayed is the right one, click next
and do the same with the email. Check that
the incoming and outgoing mail servers are
correct, ditto account name and password,
and click Next. Be aware that with Microsoft
Network (MSN) version 2.5 POP mail, the
Log on using Secure Password
Authentication (SPA) check box must be
selected. Choose the method you use to
connect to the Internet, click Next, and click
Finish to import your mail account settings.
Importing Outlook Express messages,
address books and rules is also done
from the Outlook 2002 File menu using
the Import and Export option. This time
choose Import Internet Mail and
Addresses and then click Next. Select the
appropriate version of Outlook Express
(4.x, 5), check that Import Mail, Import
Address Book, and Import Rules are all
selected and click Next again. Select to
import into either the Outlooks Contacts
Folder or Personal Address Book, and
choose how duplicates are handled
during import. Click Finish.
The last step is to make Outlook
2002 your default email client. This can
either be done within Outlook by clicking
on the Other tab in the tools menu, select-
ing Make Outlook the default program for
Email, Contacts and Calendar, and hitting
OK. Alternatively, quit Outlook and open
Control Panel. Double click on Internet
Options, click the Programs tab and
select Microsoft Outlook from the email
list. Click Apply, and then click OK.
ON XP SERVICE PACK 1
Q: AFTER RECENTLY INSTALLING SERVICE
PACK 1 FOR WINDOWS® XP PROFESSIONAL
WE HAVE LOST ALL OUR ORIGINAL
NETWORK SETTINGS AND NOW XP DOESN’T
WANT TO LET US CREATE NEW ONES. WHAT
CAN WE DO?
RESPONSE: Sometimes using System
Restore after installing Windows XP SP1
does cause network problems. Specifically,
you may no longer be able to create a
remote access or Dial-Up Networking con-
nection, the Network Connection page of
the New Connection Wizard will be dimmed ➔➔
>>>>>>>RUSSELL READ>>>>>>RICHARD MANNION>>>STUART RAILSON
PH
OTO
GR
AP
HY:
RO
B C
LAY
TON
4 FYITECHNOLOGY
and unavailable, and the Network
Connections folder will be empty.
If you now also check the System log of the
Event Viewer you will see the following:
Date: <date> Source: Service
Control Manager
Time: <time> Category: None
Type: Error Event ID: 7023
User: N/A
Computer: <computername>
Description: The Remote Access
Connection Manager service terminated
with the following error: Access is denied.
Date: <date> Source: Rasman
Time: <time> Category: None
Type: Error Event ID: 20035
User: N/A
Computer: <computername>
Description: Remote Access Connection
Manager failed to start because it could
not create buffers. Restart the computer.
Access is denied.
When you try to start the Remote Access
Connection Manager service, you receive
the following error message: Could not
start the Remote Access Connection
Manager service on Local Computer.
Error 5: Access is denied
NOTE: You receive this error message
although you are logged on with an
account that has administrative privileges.
This is because the System registry hive
is not correctly restored to the Windows
registry after you restore Windows.
To resolve this problem, reinstall SP1 for
Windows XP. However, if you cannot
reinstall SP1 you will have to resort to
modifying the registry using the Registry
Editor. Any errors made in this process
could have serious repercussions for the
system, and could force you to reinstall
Windows. It is essential that the following
procedure is adhered to exactly, and that
you back-up registry before starting it.
Microsoft cannot guarantee that you can
solve problems that result from using
Registry Editor incorrectly. Use Registry
Editor at your own risk.
If you cannot reinstall SP1, verify that the
Objectname string value is set to
LocalSystem in the following registry
subkey:
HKEY_LOCAL_MACHINE\SYSTEM\Current
ControlSet\Services\RasMan
Now delete the following registry subkeys.
The presence of these subkeys on a
Windows XP-based computer that does
not have SP1 installed can cause the
symptoms described earlier:
*HKEY_LOCAL_MACHINE\SYSTEM\Current
ControlSet\Services\RasMan\PPP\EAP\25
*HKEY_LOCAL_MACHINE\SYSTEM\Current
ControlSet\Services\RasMan\PPP\EAP\26
To delete these keys, follow these steps,
starting with a back-up of the registry keys.
1. Click Start, and then click Run.
2. In the Open box, type regedit, and then
click OK.
3. Locate and then click the following key
in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\Current
ControlSet\Services\RasMan
4. On the File menu, click Export.
5. In the File Name box, type exported
rasman key, and then click Save.
6. In the RasMan key, locate and then
click the ObjectName string value.
[If this value is not set to LocalSystem,
follow these steps:
1. On the Edit menu, click Modify.
2. In the Value data box, type
LocalSystem, and then click OK.]
7. Locate and then double-click the follow-
ing key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentC
ontrolSet\Services\RasMan\PPP\EAP\25
8. On the Edit menu, click Delete.
9. Click Yes to confirm that you want to
delete the selected registry key.
10. Repeat steps 7 to 9 to delete the
following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentC
ontrolSet\Services\RasMan\PPP\EAP\26
11. Quit registry editor, and then restart
your computer.
ON ENABLING INTERNET CONNECTION
SHARING ON A SMALL OFFICE NETWORK
CONNECTION IN WINDOWS XP
Q: WHAT IS THE BEST WAY OF SHARING AN
INTERNET CONNECTION AMONG REMOTE
OFFICE USERS USING WINDOWS XP?
RESPONSE: Through the Internet
Connection Sharing (ICS) feature for
network and dial-up connections, you
can use Windows XP to connect a home
network or small-office network to the
internet. For example, you may have a
home network in which a Windows XP-
based computer connects to the internet
by using a dial-up connection. If you
enable ICS on the computer that uses the
dial-up connection, you can provide
network address translation, addressing,
and name resolution services for all of
the computers on your network.
For Internet Connection Sharing (ICS)
to be enabled, the Windows XP-based
computer must have two network adapters,
one for the local network, and one for the
internet connection. Begin ICS Setup by
double-clicking Network Connections in
Control Panel. Choose the LAN or dial-up
connection you want to share, then click
Change Settings for this connection under
Network Tasks. On the Advanced tab, click
to select the Allow other network users to
connect through this computer's Internet
connection check box.
If you're using a dial-up connection,
and you want it to dial automatically when
another computer on your network
attempts to connect to the internet, click
to select the Establish a dial-up connec-
tion whenever a computer on my network
attempts to access the internet check
box. If you want to allow other network
users to enable or disable the shared
internet connection, click to select the
“Allow other network users to control or
disable the shared internet connection”
check box.
NB. When you enable ICS, the network
adapter that is connected to the home or
small-office network receives a new static
IP address of 192.168.0.1, with a subnet
mask of 255.255.255.0. Existing TCP/IP
The information contained in this section represents a selection of the useful exchanges found on the Microsoft web
site, and originates from various sources. It is for general information purposes only. Microsoft Limited makes no
warranties, representations or undertakings in relation to this information, including but not limited to its quality,
accuracy, completeness or fitness for purpose. Microsoft accepts no responsibility for reliance placed on this
information. Always obtain appropriate professional advice on specific problems or matters.
➔➔
➔➔
5June 2003
MAKE SPACE IN YOUR DIARY FOR...
Want a free subscription to
FYI Technology?
FYI Technology is a six-weekly publication
from Microsoft. If you would like to receive
regular copies, please visit:
www.microsoft.com/uk/fyitechnology
We’d love to hear your opinion of FYI
Technology. Visit:
www.microsoft.com/uk/fyitechnology
to give us your feedback.
Interested in receiving FYI Strategy?
FYI Strategy, the sister publication to FYI Technology, offers
advice and best practice to senior business decision makers on
many of the issues covered within FYI Technology.
To receive a free copy, visit:
www.microsoft.com/uk/fyitechnology
If you would like to sign up to MSDN Flash for
developers or TechNet Flash for IT professionals,
our fortnightly e-mail newsletters, visit:
www.microsoft.com/uk/fyitechnology
TEC
HN
OLO
GY
THE COMPLETE PICTURE
For TechNet events, visit: www.microsoft.com/uk/technet/tcevents/itevents For MSDN events, visit: www.microsoft.com/uk/msdn/events/events.asp
24 June 2003TechNet Support WebcastMicrosoft Windows Server 2003:
Automated Deployment Services
26 June 2003TechNet SpotlightReadingMicrosoft Solutions for Internet
Business
30 June – 4 JulyTechEd 2003BarcelonaMSDN & TechNet
1 July 2003TechNet Support WebcastMicrosoft Exchange Server 2003:
Overview of Transport and
Mobility Features
15 July 2003TechNet EveningReadingWindows Server 2003 Active
Directory Diagnostics,
Troubleshooting and Recovery
15 July 2003TechNet Support WebcastMicrosoft Windows XP: An
Overview of the Advanced
Networking Pack
19 August 2003TechNet Evening ReadingManaging Internet Information
Server 6.0
18 September 2003TechNet Evening ReadingUnderstanding Group Policy on
Windows Server 2003
TECHNICAL EVENTSFROM MICROSOFTMicrosoft offers a wide range of
events delivering technical
“how to” information to IT
professionals through TechNet
and to developers through
MSDN. These include regular
FREE events which focus on
delivering in-depth information
on developing, deploying, using
and optimising Microsoft
technologies.
connections on the network may be lost
and must be re-established.
Other issues to bear in mind when
using ICS in remote office locations include
remembering the fact ICS assumes its
Windows XP host is the only Internet gate-
way on the network and is responsible for
all internal network addresses. All hosts on
the network except the ICS host are expect-
ed to be configured to obtain IP address
and DNS configuration automatically.
You cannot modify the default
network configuration after you enable
ICS. This includes changing the range of
private IP addresses that are handed out
(DHCP allocator), enabling or disabling
DNS, and configuring a range of public
IP addresses.
If your remote office users need to
gain access to a corporate network that is
connected to the internet by a tunnel
server, the users need to create a virtual
private network (VPN) connection to tunnel
from the computer on the ICS network to
the corporate tunnel server on the internet.
The VPN connection is authenticated and
secure, and creating the tunnelled connec-
tion allocates proper IP addresses, DNS
server addresses, and WINS server
addresses for the corporate network.
You may need to configure programs
and services to work properly across the
internet. For example, if users on your
home network want to play a game with
other users on the internet, the game must
be configured on the connection in which
ICS is enabled. Services that you provide
must be configured so that internet users
can gain access to them.
➔➔
6 FYITECHNOLOGY
WHAT IS MICROSOFT’S LONG-TERM VISION OF THE WIRELESS FUTURE?
We see a plethora of smart devices entering the market in a variety
of form factors and designed to meet the specific requirements of
each individual user. From the mobile professional to the gaming
enthusiast, we see our hardware partners creating compelling
solutions that drive the uptake of mobile data.
Developing applications for mobile devices will also be a whole
new ball game with thousands of new entrants designing software
across a variety of devices. Mobile operators will play a key role by
providing software as a service that invigorates a multitude of
devices. Ultimately, this will bring fresh opportunities for software
and wireless companies to partner and provide customer value
by developing connected scenarios for consumers and mobile
professionals, and moreover, new revenue opportunities for the
industry as a whole.
WHAT IS MICROSOFT DOING NOW TO FULFIL THIS VISION?
Microsoft is committed as ever to this wireless vision of the
future, and we are making real progress towards
achieving it. Over the last three years
we’ve had a single vision of mobility
– we’ve talked about the power of
software in the mobile space, and
in particular in smart devices. This
is important because previously
what really mattered in the mobile
space was the power and capacity
of devices, but now people are
looking at mobile from the per-
spective of what really makes
these devices useful – the
software and applications.
When you look at the market
you can see that there is real
momentum building. In Europe,
in the PDA [personal digital
assistant] market, roughly two
million units have been shipped,
and now we are starting to see the
emergence of the Smartphone, which
is a mobile phone with PDA functionality. These devices have a
real richness of function and capability, and as users and devel-
opers start to realise what they can do with them we are seeing a
version of Moore’s Law beginning to apply. It is a virtuous cycle in
which as each new application arrives, more companies are seeing
the possibilities and committing more of their efforts to developing
yet more applications.
Today, there are already 10,500 applications available for
the Microsoft Pocket PC-based PDA. For the Smartphone, which is
a relatively new device, there are currently fewer applications on
the market, but that number is growing fast. With the Microsoft
Mobile2Market program, we are working with independent software
vendors (ISVs) to build a catalogue of applications that we are taking
to operators around the world, such as Orange, which can then make
those applications available directly to their customers via their
web sites. The Mobile2Market on-line catalogue launched with
over 150 applications for the Pocket PC and Smartphone.
New applications are being added to the catalogue at an
incredible rate. By the end of June there will be
hundreds of applications available.
WHAT IMPACT WILL THE FUTURE NETWORK
INFRASTRUCTURE HAVE ON THIS VISION?
Looking to the future, operators will be able
to offer new services and applications at
much greater speed and lower cost as
handsets become “smarter”. New services
and applications can be installed on
to smart handsets as and when the
operator wishes to offer the new web
service or when the user wants to
download a new application.
In the fixed line world we’ve
always taken the view: “Build the
pipe and we’ll manage the overflow”,
and when we looked at the usage
model for broadband services one
key trend we found was that increased
bandwidth did not necessarily lead to
changes in usage patterns. What was evident
Robbie Ray Wright, Microsoft’s EMEA director for mobile devices, discusses thecompany’s “anytime, anywhere” vision of a wireless future, and what that meansfor the Microsoft developer community.
PH
OTO
GR
AP
HY:
RIC
HA
RD
GLE
ED
WiRELESS ViSiON
7June 2003
was that users got more personal with their
existing applications and services. So for
example, a user would typically run a number
of their favourite applications or web-based
services, instead of something completely
different or new. The benefit of increased
bandwidth will lead to numerous possibilities
with exciting new mobile applications, but
essentially we expect to see people access-
ing a wide range of applications and web
services that would normally be associated
with desktop computing, but on their various
mobile devices.
DO YOU SEE A “KILLER” APPLICATION THAT WILL
REALLY DRIVE DEMAND FOR MOBILE PRODUCTS
AND SERVICES?
I don’t think it is possible to talk about a killer
application for mobile devices. Mobile is
about 24-hour access to information and
services for individuals, and people will want
to access different things at different times.
Some of the time people will want access to
Word and Excel viewers via the expansion
cards on their Pocket PC, at other times they
may want games or personal information management (PIM).
The longer people use their mobile devices, the more they will
come to rely on them for a variety of activities, such as internet
access, gaming, picture messaging, maps and on-line shopping.
We therefore think it’s important to provide a really rich environ-
ment and a choice of quality applications that don’t restrict what
people can do with their mobile devices.
YOU HAVE DISCUSSED THE IMPORTANCE OF PARTNERS, BUT WHAT IS
MICROSOFT DOING TO ENCOURAGE CORPORATE DEVELOPERS TO GET
INVOLVED IN MOBILITY?
Certainly, a key partnership is with the network operators in this
space. Companies such as T-Mobile and Orange have a critical role to
play in delivering mobility, and we all share the same view of where we
are trying to go. But both Microsoft and the operators also absolutely
have to work with corporate developers to build this future. For the
corporate developer market *we have a program called Mobile
Workplace, a partnership with developers and systems integrators
designed toprovide a framework that makes it easy for corporate
developers to build and deploy mobile solutions – specifically, line of
business solutions.
Simplicity is the key here. We have to make it as easy as
possible for corporate customers to embrace mobility, by support-
ing them through partnerships such as Mobile Workplace, and by
providing tools that allow them to deploy
applications to mobile platforms as easily as
they do to the desktop.
We know that there is great interest in
developing mobile applications in the corpo-
rate community – for example, 380,000
SDKs [software development kits] have
already been distributed. At the Microsoft
Mobile Developer Conferences earlier this
year we launched the Microsoft .NET
Compact Framework, which includes
everything a corporate developer needs to
immediately begin building applications for
use with smart devices, such as Pocket
PCs and Smartphones.
The .NET Compact Framework is now
included in Visual Studio® .NET 2003, which
enables millions of desktop developers and
the growing pool of C# developers to begin
building smart mobile applications using a
consistent programming model and with little
additional investment in programming skills.
Our ultimate vision and one we are getting
closer to with the release of Visual Studio.NET
2003 is to allow commercial and non-com-
mercial ISVs to target their products across any number of devices
without having to spend cycles of time in redevelopment. Essentially,
the ISV that creates an enterprise-level application for the Windows
desktop should easily be able to develop that application to the
Smartphone or a specific line-of-business type device in a matter of
hours as opposed to a matter of months.
ARE THERE ANY BARRIERS TO OVERCOME BEFORE DEVELOPERS CAN
BEGIN TO DELIVER THE SAME LEVEL OF FUNCTION AND PERFORMANCE
TO WIRELESS AS THEY DO TO THE DESKTOP?
I really can’t imagine what such a barrier might be. Certainly, on the
device side I don’t think there are any significant obstacles. Now
smart devices have 400MHz processors driving them, and the
ability to use storage devices, such as the 1GB SD card, there are
few applications they cannot handle. On the network side, devices
like the Compaq iPAQ can now support links to Wi-Fi LANs [local
area networks], and operators are already delivering GPRS and
starting to roll out 3G, so we already have the ability to be
connected productively wherever we are.
MOBILE WORKPLACE
In partnership with Accenture, HP and
Cap Gemini Ernst & Young, Microsoft
Mobile Workplace is designed to
simplify the deployment of Windows
Powered mobile devices, business
applications, and support in the
enterprise through the use of
Microsoft and third-party
technologies and services.
Due to the complexity involved in
bringing together all the components
of a wireless enterprise solution,
Mobile Workplace provides
experienced systems integrators to
help develop, deploy, and if necessary
maintain solutions. Microsoft assists
in connecting businesses with
systems integrators.
Security and systems management
form the foundation of Mobile
Workplace, on top of which organisa-
tions can build the appropriate
business applications. Mobile
Workplace focuses on the following
areas: CRM (including sales force
automation), ERP (including supply
chain management), healthcare and
financial services.
www.microsoft.com/uk/mobility
WHERE NEXT?
STRONG FOUNDATiONSDAVID MCGREGOR, IT DIRECTOR, QUEEN ELIZABETH FOUNDATION
Queen Elizabeth Foundation leapfrogs from NT4 to Windows Server 2003
The Queen Elizabeth Foundation (QEF) is
a charity operating across the UK with a
head office in Leatherhead, Surrey. It
offers support to over 250,000 disabled
people across the UK with six centres
of excellence based in the south east
of England.
IT services supporting the organisa-
tion have developed over a number of
years, which resulted in seven NT4
domains being installed across the six
sites, along with a total of 15 NT4 mem-
ber servers running a variety of applica-
tions, file and print services, as well as
Exchange 5.5. Most clients were running
Windows NT 4.0 and Windows 98, with
some machines still running Windows 95.
Increasing demand for IT services
across the organisation spurred David
McGregor, IT manager at QEF, to investi-
gate options for a major upgrade to the
entire infrastructure. The aim was to have
a centralised management based at
Leatherhead using a single domain
across all sites. E-mail services were to be
provided for all, including a gateway to the
internet and remote mail access using
Outlook Web Access.
Being a charity, budgets are very tight
and IT solutions need to be designed for a
five-year life span, so with an eye to the
future, McGregor took the opportunity to
migrate to Windows Server™ 2003 as
part of Microsoft’s Rapid Adoption
Program (RAP).
To help kick-start the project QEF
spoke to Eurodata Systems, a Microsoft
Gold Partner systems partner that has
undertaken recent projects for the Royal
Opera House and London Borough of
Hackney, among others.
Des Lekerman, managing director at
Eurodata Systems, believes that charities
need to be even more forward thinking than
many large corporations. “Charities need to
be 100 per cent efficient, so that all the
goodness goes to the good cause.”
The decision was taken to perform an
in-place upgrade of the largest existing
domain to Windows Server 2003, and
then to migrate users across from the
remaining NT 4.0 domains. A key element
of the upgrade was the ability of the hard-
ware to run the new operating system.
The original NT4 Primary Domain
Controller was running on a low-spec Dell
PowerEdge 2300 using a Pentium 450
processor with 128Mb of memory. The
other domain controllers at the remote
sites ran similar spec machines.
The addition of five new HP Proliant
DL360 machines running 1.2GHz proces-
sors with half a gigabyte of memory formed
the heart of the upgrade, with each
machine running Windows Server 2003.
The upgrade introduced QEF to their
new Active Directory®, and consolidated
seven domains into a single domain with
a domain controller at each site. The
design of the new domain was rolled out
on the basis of minimising complexity
while utilising key features of Active
Directory, such as improved management,
remote support, security and granular
administration features.
With an eye to keeping costs to a
minimum, the decommissioned domain
controllers have been upgraded from
8 FYITECHNOLOGY
PH
OTO
GR
AP
HY:
MA
RC
BU
RD
EN
Windows Server 2003
128Mb to half a gigabyte of memory. At a
cost of a few hundred pounds these
servers have had Windows Server 2003
installed and made member servers of the
Windows 2003 domain.
A donation of midrange Pentium
desktop machines from Eurodata has
also opened the door for an upgrade to
Windows XP. The remainder of the domains
would be merged into the now native mode
central domain using the new version of
Active Directory Migration Tool (ADMT).
Other services will be incorporated
into the overall design. A Distributed File
System (DFS) was widely used under NT4
and will be upgraded to a domain based
DFS when Windows XP is installed in the
desktops adding resilience and easier
management. A domain naming service
(DNS) will now become the principle
means of host and service resolution with
WINS being maintained for the legacy
clients. The allocation of network address-
es using Dynamic Host Configuration
Protocol (DHCP) was also transferred to
Windows 2003, with the unexpected
benefit of complete scope management
without any reboots.
At this stage, McGregor decided not to
load the Active Directory client for
Windows NT 4.0 since he is looking at
upgrading clients in the near future.
McGregor recognised early in the
process that professional help was
essential to the success of the project.
Through Microsoft he engaged the help of
consultants at Eurodata Systems.
“Eurodata showed us how to do it,” says
McGregor.
9June 2003
For further information on
Windows Server 2003 visit
www.microsoft.com/uk/windows/
serverfamily
WHERE NEXT?
In turn, knowing that this was to
some extent uncharted territory, Microsoft
PSS offered direct help as part of the RAP.
“Communication was key, and Microsoft
really helped us fix problems as they
arose,” explains Eurodata’s Lekerman.
The domain structure was designed
for ease of upgrade and low mainte-
nance, and adopting Windows Server
2003 has meant that QEF now enjoys a
more stable and easily managed network
of servers. The resilience of the Active
Directory combined with a straightforward
design offers centralised management,
and a new core infrastructure upon which
new technologies such as Exchange 2003
and an intranet may be based.
QEF has benefited from improved
communications and easy access to data
and services across the enterprise, and
there are plans to introduce Exchange
2003 and Instant Messaging based on
the new XP desktop.
“Our aim is to make life easier for
disabled people,” says McGregor. He is
doing so by building the most efficient
network on the latest technology at the
lowest cost possible.
The UK-based high-fashion design,
wholesale and retail company Paul Smith
has shops in London, New York, Paris,
Milan and the Far East. These shops are
in addition to its original branch in
Nottingham and over 200 in Japan. Paul
Smith Limited remains self-financed and
the annual worldwide turnover of the
wholesale, retail and licensed business
combined is £233m.
The company manages its worldwide
IT infrastructure using Microsoft Windows
2000 Server, Active Directory and
Microsoft Exchange 2000 as the
backbone of a virtual private network
(VPN) on which a range of applications
and a web site are hosted. The central
servers are based at the company’s head
office in Nottingham, where 10 Windows
2000 Servers are used for a variety of
purposes, including domain controllers
and file and print servers. Other software
running on the system includes Microsoft
Exchange 2000, SharePoint Portal Server
2000, and Microsoft SQL Server 2000.
The system has around 300 Windows XP
clients. An IT team of five manages the
remote systems across London, Milan,
Paris and New York.
Paul Smith’s London offices are
connected via a 2Mbps link and also
have domain controllers, file and print,
and application servers. Each of the
international branch offices has its own
Windows 2000 server providing domain
control services, such as domain naming
service (DNS), and dynamic host
configuration protocol (DHCP). The
servers all run Microsoft Internet Security
and Acceleration (ISA) Server and
Microsoft Exchange 2000. Other offices
that are Paul Smith franchises access e-
mail on the corporate network via an
Exchange 2000 server.
But the company wanted to make
even more use of the facilities it already
had, and identified potential benefits
from the development of a range of
business applications, a collaborative
workflow portal, and a customised project
management solution. These applications
could be developed using the .NET
Framework and Visual Studio .NET in a
faster development time, and the
applications could be more tightly
integrated into the overall IT
infrastructure.
Paul Smith was invited by Microsoft
to take part in an upgrade to Windows
Server 2003 through Microsoft’s Rapid
Adoption Plan (RAP). Then, through a
one-day Roadmap Planning workshop,
Lynx Technology, a Microsoft Gold
Certified Partner, met with Paul Smith
users to review existing and emerging
technologies. Lynx recommended
Exchange Server 2000 and SharePoint
Portal Server to exchange data and
enable users to store, index, share and
search data.
The benefits represented by Windows
Server 2003’s enhanced support for
Active Directory, improved security, and
the .NET Framework were all important
factors in the decision to make the move
to Windows Server 2003.
The company decided to upgrade
their domain controllers and application
servers in their head office and UK
branch office to Microsoft Windows
Server 2003, and to install Microsoft
Windows Server 2003 domain controllers
at the offices in New York, Paris, and
Milan. This new infrastructure would then
be able to take advantage of
improvements, such as better support for
Active Directory services, a new global
messaging infrastructure based on
10 FYITECHNOLOGY
PH
OTO
GR
AP
HY:
MIC
HA
EL
CLE
ME
NT
DESiGNS FOR THE FUTURELEE BINGHAM, IT DIRECTOR, PAUL SMITH
Paul Smith maintains design pre-eminence with Microsoft Windows Server 2003
Windows Server 2003
11June 2003
Outlook Web Access, and support for
instant messaging in Microsoft Exchange.
“We were looking for three main
benefits from the upgrade: better
manageability, better security and
stabilisation. The latter, in turn, leads to
increased uptime,” says Lee Bingham, IT
director at Paul Smith.
Bingham believes that the
manageability aspect will assist the small
IT team to manage disparate locations
from a central IT resource, while the
security benefits were key. “We have end
users that travel internationally. They want
remote access connectivity, so the security
aspect should pay dividends,” he says.
According to Bingham, the server
upgrade will form a platform for the
future. “Once the Windows Server 2003
upgrade is complete, we plan to move
straight over to Exchange 2003, which
will help us to facilitate the new features
of Office 11, which will be released later
this year,” he says,
The Exchange upgrade will, in turn,
tie in with the company’s remote access
plans – for example, in conjunction with
Microsoft and Orange the company
intends to deploy smart phones to its
international travelling workforce. ”The
Server 2003 upgrade will facilitate the
Exchange upgrade, which ties in nicely
with the mobility aspect,” says Bingham.
He is also hoping to begin a number
of pilot projects within the next six to 12
months, following completion of the
Server 2003 upgrade. In addition to the
improved infrastructure, Bingham wants
to make more use of collaborative
working practices and smarter
information management to reduce
management overheads. To achieve this,
he plans to assess some pilot schemes
based on Microsoft Exchange, SharePoint
For more information on Windows
Server 2003 and Exchange, visit:
www.microsoft.com/uk/windows/
serverfamily
WHERE NEXT?
Portal Server, and Visual Studio .NET.
The first pilot will look at automating
workflow using Microsoft Exchange to
manage online forms. By using Exchange
workflow forms, the approval and
authorisation elements can be
automated, including the business rules,
so reducing the company paper chase.
The second planned pilot is a
document management solution based
on SharePoint Portal Server 2000 that
will centralise document management
and offer a centralised single point of
reference. Microsoft Project Server 2002,
meanwhile, is also being investigated for
a team management solution that will
automate the management of fashion
collections within Paul Smith. Project
Server 2002 will offer team services and
team management so that managers can
make use of features such as critical
path analysis, distributed tasks and
completion monitoring.
The move to Windows Server 2003
will offer a range of benefits to Paul
Smith. The company hopes to streamline
a number of processes, and improve
manageability of its IT infrastructure.
“The project has been scoped well and
we have looked at where our end users’
difficulties lie. Microsoft has either
considered or built in complementary
support into the products for the future,”
says Bingham.
Training
12 FYITECHNOLOGY
A PLATFORM FOR LEARNiNG
Training can lead to more productive and loyal staff, and make the most ofexisting technology investments. A growing range of learning platforms nowprovides a combination of technical “know-how” and hands-on experience.
TIMES ARE TOUGH FOR IT DEPARTMENTS. Business in many sectors is depressed, and the pressure is on to make
the most of flat or slimmed-down budgets. For too many though, when budgets are tight the first thing to
disappear is often training.
In the past, training has had a poor image, with organisations unwilling to spend money sending employees
on courses for days on end, and unconvinced about return on investment.
However, this is a false economy, as initial outlay on training
will be returned many times over. A lack of qualified developers,
for example, will mean that any investment in new technology
cannot be realised, making it even harder for an organisation to
turn the corner in a tough business environment.
Indeed, making the most of existing IT investments,
requires trained individuals able to leverage the
full potential of technology. “If you are
about to buy a Formula One car, you
would train the driver to drive it,
rather than expect them to drive it
with their Mini Metro training,” says
Mark Buckley, training ancertification
group manager at Microsoft UK.
“Training is essential to understanding
and getting the best out of technology.”
In turn, training is a foundation for
professional certification, which acts
as a “badge of expertise” for
employers and peers alike.
For employers, a professional
qualification, such as a Microsoft
Certified Professional (MCP), is a
trusted sign that helps them identify the
individuals with the skills and expertise that can
help them to make the most of existing technology investments.
Furthermore, courses which lead to MCP accreditation can both
be trusted to refresh employees’ skills to the benefit of the
organisation’s productivity, and offer a means of motivating,
rewarding and, contrary to some employers’ beliefs, retaining
valued staff.
For the employee, meanwhile, accreditation marks them out
as an expert in their particular technology field, and raises their
worth in the eyes of both employer and peer.
In the past though, there has been an “accreditation-centric”
attitude towards training, whereby it was relatively easy to gain
certification through reading manuals and taking exams.
However, this often meant that individuals – while accredited –
lacked the all-important hands-on, real-world experience and
skills. The good news though, is that this situation is now
changing, and there is a growing number of learning
platforms to choose from, providing a
balance of academic knowledge and
real-world experience.
“Employers see training as
expensive and time consuming, they
don’t want to send people out of the
office for days on end. Therefore, they are
looking for a more cost-effective and
timely route to training,” says Claire Smyth,
Microsoft UK training and certification manager.
That route, says Smyth, is a “blended
solution” – a combination of self-paced
training, such as that offered by books and
online resources, with instructor-led
training, whereby individuals get to
use and “play with” technologies in a
hands-on scenario.
Microsoft, for example, now offers
a range of learning platforms, including online
resources, Microsoft Press® Books for self-training, as well as
Microsoft Official Curriculum (MOC) courses. Together, they
provide a more balanced approach to training, benefiting
employers and employees alike.
MOC courses, for example, are instructor-led programmes
held at Certified Technical Education Centres (CTECs) around the
country, offering five-day courses for specific technologies. Course
instructors are highly qualified, and an additional benefit is the
learning environment created by bringing together peers with
similar – or, just as importantly, different – questions and
challenges concerning a particular technology.
13June 2003
“We have added more real world scenarios and elements to
training through the MOC courses,” says Smyth. “And we rely on
highly skilled trainers to relay their real-world experience.”
Recently, Microsoft also added online mentoring to
supplement the MOC courses. Mentoring is a 24x7 resource,
whereby course attendees – who might have additional questions
once they have completed and digested a course’s contents – can
contact real-time mentors for guidance and answers.
Probably one of the most illustrative examples of the value of
training is the current need for expert .NET developers. As a
relatively new platform, many developers could benefit from
in-depth, hands-on training in the platform to leverage its true
potential. “With many organisations adopting .NET, they need to
look at their developers in that environment so they are better
equipped to leverage that platform,” says Buckley. “If you have
a Ferrari and only know about four gears, you will never use
fifth or sixth gear.”
When introducing something as radical as .NET technology, real
thought needs to go into what an organisation expects to
get from this investment, and what skills staff will need to ensure it
does so. But, as the experience of organisations such as
Berwin Leighton (see case study) shows, a considered and
committed approach to training can soon reward with benefits that
go beyond simply enabling staff to use the tools they are given.
Properly pursued, training leads to more productive and loyal
staff, a more innovative and flexible IT department, and real
bottom line benefits. That has to be worth investing in.
“Training is
essential to
understanding
and getting
the best out
of technology”
Microsoft certifications inspecific technologies provide a combination oftechnical knowledge, and“real world” skills andexpertise. They providevalidity of a holders’ expertise in the eyes ofemployers and peers alike.
For more information on training and Microsoft-certified
qualifications, visit: www.microsoft.com/uk/skills
WHERE NEXT?
Berwin Leighton Paisner trains for .NET
Today’s law firms no longer identify with their traditional
image of dust and old leather couches. A visit to the New
York, Paris, Milan or London offices of Berwin Leighton
Paisner (BLP) confirms that.
BLP, like so many of its counterparts, is now strictly high-
tech. Indeed, according to Janet Day, BLP’s director of IT,
both business and regulatory requirements are making ever
more sophisticated demands of law firms in the UK.
Consequently, Day believes that to stay abreast of market
forces, BLP’s IT resources have to be up to date, and its staff
properly qualified and trained.
In line with this policy – and realising the growing impor-
tance of web services and XML – BLP made the decision to
migrate to .NET technology. An integral part of that was to
consider what new certification and training staff would need
to make the most of the technology. “I think .NET is a com-
pletely different way of approaching software development,
so it’s not surprising that you have to learn to change your
software development approach to exploit it fully,” says Day.
Having identified what was required, BLP identified several
key development members who would benefit from acquir-
ing Microsoft Certified Solution Developer .NET (MCSD .NET).
The company already has a number of Microsoft-certified
developers and systems engineers, and trusts that the
qualifications provide holders with the relevant technical
knowledge, along with “real world” skills and expertise.
Choosing an organisation capable of delivering a training
regime that fitted with BLP’s requirements was not difficult:
Day has had a long-term relationship with Azlan, a member of
Microsoft’s Gold Learning Solutions programme – the highest
endorsement that a Microsoft Certified Technical Education
Centre can aspire to. “I would not consider looking for another
company to supply our training needs. I don’t believe there is
anything that we could demand of a company like Azlan that
it would not be able to supply,” says Day.
Since completing their training, and acquiring MCSD .NET
qualifications, BLP’s chosen developers have returned to
share their knowledge, and to contribute to the successful
completion of several .NET projects. The decision to invest in
new technology has thus been vindicated, and BLP’s cus-
tomers can continue to rely on the company to provide them
with innovative, high-quality services.
MICROSOFT CERTIFICATIONS
14 FYITECHNOLOGY
Windows Server 2003
DYNAMiC COMPUTiNGThe Dynamic Systems Initiative is an attempt to create a software architecturethat will allow customers to build dynamic, self-managing enterprise systemsusing industry standard components. The release of Windows Server 2003 hasshown the way. By Phil Jones.
IN MARCH, MICROSOFT UNVEILED A PLAN to solve one of the most intractable problems in the world of enterprise
computing: how to simplify and ultimately automate the design, deployment and operation of the modern data centre.
The Dynamic Systems Initiative (DSI) will take another three to five years to come to fruition, but it already has the
backing of some of the world’s leading IT vendors. In April, with the release of Windows Server 2003, Microsoft
delivered some of the first key building blocks to allow customers to
construct today the data centre of tomorrow.
The size of the problem that the DSI has been created to
address should not be underestimated. For the past decade, says
Michael Emanuel, senior product manager for Microsoft’s
enterprise management division, data centre staff have been
fighting to operate increasingly complex internet-centric multi-
server systems, using tools designed for the far simpler era of
mainframe-centric client/server systems.
It is proving to be an increasingly unequal and expensive
struggle. Already, 70% of IT spending is devoted simply to keeping
existing systems up and running, when it might be better spent on
new development. At the same time, the skills and expertise
required to maintain the fight are becoming the preserve of an
ever-dwindling body of scarce data centre professionals.
“There simply aren’t enough people around to manage or
operate the type of data centre world we have today,” says
Emanuel. It is time for a sea change in systems management
thinking and practice, and in particular he says, the time has
come when “applications need to participate in their own
management”.
CLOUDS OF COMPLEXITY
The fact that applications do not yet participate in their own
management is at the heart of the problem that the DSI has been
created to solve. At the moment, says Emanuel, management
tools still treat systems as, essentially, a collection of disparate
elements – resources such as disks, processors, memory, blades
and so on – aggregated as a single monolithic server driving a
single application.
Rather than proactively directing these systems in any
meaningful way, conventional management systems do little more
than monitor the myriad alerts directed at them by the individual
elements or resources. This is okay as far as it goes, since in a
simple monolithic server/application environment, knowing that a
disk has failed at least identifies the reason why the payroll system
has stalled.
In practice though, modern systems are not monolithic entities
running one application against a single server. Rather, they are
complex aggregations of both physical and logical resources
spread throughout a virtualised, distributed platform – in this
context, modern systems are described as “clouds of elements”.
So far though, systems that approach this level of automation and
self-determination have been restricted to multimillion-dollar
bespoke projects. But with DSI, Microsoft and its partners (see
box, Dynamic Systems Initiative) plan to put the digital nervous
system within the reach of all their customers, using commodity
storage, processing and network elements.
Dynamic Systems Initiative
Announced in March this year, the Dynamic Systems
Initiative (DSI) is a Microsoft-led, industry-wide effort to
create a software architecture that will allow customers to
build dynamic, self-managing enterprise systems using
industry standard components.
Vendors that have announced their support for DSI include
market leading players from the hardware, software and
services sectors, including: Centrata, Computer Associates
International, Consera Software, Dell Computer, EDS, HP,
Opsware, and Think Dynamics.
DSI’s XML-based Systems Definition Model (SDM) is
expected to set and conform to international standards, and
will be supported by products from DSI partners. Microsoft
itself has already provided DSI deliverables in the recently
released Windows Server 2003. They include automated
deployment services (ADS) for automated system
provisioning; Windows system resource manager for
dynamic systems resource management; volume shadow
copying services (VSS) and virtual disk service (VDS);
network load balancing (NLB); Windows Server clustering
(WSC); and Virtual Server.
15June 2003
Admittedly, it is going to
take a little time to achieve
this. At its heart the DSI may be
a software architecture project,
but its product will not be
something that can be neatly
retrofitted to old systems. To
build an application with a
digital nervous system, logical
synapses and neural pathways
need to be installed from the
outset. “It [the digital nervous system]
needs to be baked into the application. It needs to be
done at development, using tools that already have the
architecture embedded in them,” explains Emanuel. Once such
an application is completed, the expectation must be that it is
mounted on a resource platform that recognises the same
software architecture and talks the same language.
In DSI, the point of harmony between the worlds of the
developer, the operations manager, and the hardware and
software vendors, is enshrined in the initiative’s System
Definition Model (SDM). This
XML-based schema acts as
the blueprint for DSI systems
design and deployment, by
capturing and describing three
key categories of systems
information: a manifest of
resources available to the
system; an operational health
profile describing necessary
performance parameters and
required resources; and a
configuration profile.
Based on information
described using the SDM, “when
an application is installed it makes a contract with the virtualised
platform; this is basically a state model. The platform will check
that it has the resources to meet the applications requirements,
and say ‘yes’ or ‘no’ to the contract,” says Emanuel. If the
response is ‘yes’, the platform makes the necessary resources
available to the application in order that the application can
maintain its “state”.
Thanks to the inherent
management capabilities of
application and platform,
Emanuel points out, any
management system that is
deputed to oversee the application’s
operations is already in possession
of a much richer body of
information about the
application and the resources
that are available to it, than
any conventional management
system has ever been in the past.
Indeed, at the point that a DSI application
signs its contract with the platform, the kind of tool that we think
of today as a management system is already on its way to
becoming redundant. Since the application now has “state” it is
effectively monitoring itself. More than that, because the SDM
also provides knowledge of other resources in the platform, the
application now has the potential to make demands on its own
behalf – responding to spikes in transaction volume by
demanding more blade servers, for example.
Before this kind of potential
can be fully realised though, the
platform has to be ready to
respond to resource requests
from the application, which
means that DSI-compatible
interfaces need to be available
from device manufacturers, and
the operating system has to be
equipped with the utilities to
exploit them. These are the
deliverables that the DSI
partners can begin to produce
even before the DSI architecture
itself is fully completed. To that
end, Microsoft led the way with the release of Windows Server
2003 in April.
WINDOWS SERVER 2003
Within the Enterprise version of Windows 2003 are half-a-dozen
utilities which, while not providing full DSI services today, will
nevertheless support them in future. But they will still provide
“There aren’t
enough people
around to manage
or operate the
data centres we
have today”
ILLU
STR
ATIO
N: T
ER
RY
CO
LON
16 FYITECHNOLOGY
immediate benefits to data centre managers today. The provision
of network load balancing (NLB), for instance, will allow
operations managers to moderate the “bursts” and “spikes”
caused by unpredictable incoming data traffic. The long-awaited
Windows Server Clustering (WSC) technology, meanwhile, will
ease the provision of scalable, high-availability services using
commodity servers.
Volume shadow copy services (VSS) and virtual disk storage
(VDS) are also introduced with Windows 2003. While these may
prove less immediately useful to the operations manager, they do
provide a DSI-compatible target for storage device managers to
aim at, and should rapidly gain appreciation among customers as
their potential is realised.
With VDS, for example, network attached storage (NAS) and
storage area network (SAN) vendors now have a set of application
programming interfaces (APIs) – the interfaces by which an
application communicates with the operating system, or other
applications and services – that they can write to. This will allow
their products to participate more completely in the Windows
environment. Using VDS drivers, for instance, an entire server can
now be booted from a SAN, obviating the need for expensive
direct access storage (DAS), and increasing system integrity by
permitting storage hardware to be swapped in and out in the
background “on the fly”. In combination with NAS, VDS may prove
even more powerful than that, and has the potential to turn a
commodity machine into a remote file server with terabytes of
data behind it.
VSS is also a “star” of the Windows Server 2003, says
Emanuel, adding to it something that is missing from almost all
other operating systems: the ability to snapshot and copy
production file systems to archival and mirror storage systems,
with barely any perceptible interruption to the application.
Previously, this ability has had to be hand-written into the
application to support each storage vendor, in order to be shadow
copy aware for each type of storage system. Now with VSS,
application developers have access to a universal shadow copy
API that can make any Windows application, such as SQL Server
or Exchange, shadow copy capable for all storage systems
supporting VDS with minimal effort.
The features of Windows Server 2003 that go furthest
towards realising the ultimate digital nervous system vision of DSI
are Automated Deployment Services (ADS), and Windows System
Resource Manager (WSRM).
COMMUNAL RESOURCES
With ADS, for instance, Windows users are taking the first steps
towards enjoying dynamic “bare metal” provisioning of new
hardware resources – that is, having access to hardware
resources as and when they are required. When DSI is fully
realised, ADS-enabled systems – assuming they have the
authorisation to do so in their SDM profile – will be able to reach
into the virtual platform and request extra resources as
transaction or traffic volume demand changes, and return them
to the communal resource as their necessity recedes.
At the moment, human intervention is still required to utilise
ADS, but it still significantly advances the threshold of systems
automation, streamlining tasks that might normally take hours
into a matter of minutes. In a current demonstration, for example,
Microsoft is able to show ADS automatically bringing up a 20-
blade Dell system in just eight-and-a-half minutes.
Ultimately, ADS will work hand-in-hand with another new
feature in Windows Server 2003 – WSRM. WSRM does at the
functional level what ADS does at a physical level – that is, it
allows dynamic control over which applications have access to
what resources at any given time, how much is available and
where exactly it can be found. This too, says Emanuel “is pretty
unique”, and goes beyond what is commonly possible in the Unix
world today, even though it too is restricted in what it can do by the
immature state of the rest of the DSI universe.
Nevertheless, services such as ADS and WSRM provide a few
pointers as to how DSI, ultimately, will be able to arbitrate
applications automatically, according to their respective priority
profiles defined in the SDM. At that point, the heavy burden that
data centre operations place on today’s enterprise IT resources,
as well as those that manage them, should be well on the way to
becoming a thing of the past.
www.microsoft.com/windowsserver2003
WHERE NEXT?
“Network load
balancing moderates
the bursts and
spikes of incoming
data traffic”
17June 2003
FOR THOUSANDS OF MICROSOFT CUSTOMERS the day is looming when they must decide whether
or not to renew the Software Assurance (SA) covering their volume licence agreements. For the many
who have already realised Software Assurance benefits, there may
be no decision to make. But for those who still have doubts, or have
not bought Software Assurance before, Microsoft has recently
improved its Software Assurance offer.
When Microsoft introduced the Software Assurance
programme last year, volume licence customers who bought the
cover became eligible for free upgrades to the latest versions of
assured products for the duration of their two- or three-year
contract. For desktop software
users, a 29 per cent fee on top of
the original cost of their licence per
user per year ensured they could
always have access to the latest
versions of their products at no
extra cost. For server software
customers, the deal was better –
just a 25 per cent annual fee over
the original licence price.
A year later however, and
Microsoft is willing to concede that
the new Software Assurance deal
did not necessarily meet all
expectations and even Steve
Ballmer, Microsoft CEO, commented
that it would be an on-going project
to address these concerns.
Some customers, according to
Sue Hogg, software licensing
manager with Microsoft UK, did not feel that Microsoft’s Software
Assurance proposition was compelling enough or that their feedback
had been considered when launching the initial offering. The question
was: “Why hadn’t Microsoft done more to consult us first?”
“Since then,” says Hogg, “we have done a lot of work with
customers and partners to make Software Assurance more
valuable to them.” This culminated in May in the announcement of
a new deal that bundles a host of extra privileges within the basic
Software Assurance cover.
As ever with license deals, the devil is in the detail, and the
amount and scope of the new benefits offered to Software
Assurance customers is dictated to a great extent by the size and
type of volume licence agreement their cover is linked to. However,
from the smallest volume licence software buyer to the largest
enterprise customer, Microsoft is offering something that it hopes
will make taking out Software Assurance an altogether more
attractive proposition – at no extra cost.
In the case of desktop software buyers, for instance, Software
SOFTWARE ASSURANCEMicrosoft’s Software Assurance programme did not necessarily meet allexpectations on its introduction. Sue Hogg, software licensing manager atMicrosoft UK, highlights the company’s work to improve the programme.
Assurance now bundles free training days and e-learning features
aimed at both end-users and IT professionals, which will help
customers get the most from the latest versions of products that
they still receive under the basic Software Assurance terms. Parts
of Microsoft’s TechNet services, which customers would previously
have had to pay extra for, will also be opened free of charge to
Software Assurance buyers, and Microsoft has added two
additional features that will extend
the benefits of Software Assurance
beyond the confines of the office.
A Home User Rights option allows
customers to provide home users with
office software at home. Meanwhile, a
new employee purchase scheme will
let any Microsoft customer’s staff
member buy any Microsoft consumer
software at a 30-40 per cent discount
to the estimated retail price.
For server customers, the new
extras reflect customer requirements
in these areas. Some software
licensing tools are now available free
to Software Assurance buyers, as are
parts of TechNet. The new “carrot on a
stick” though, must be Microsoft’s
decision to bundle free support with
Software Assurance.
According to Hogg, customer consultation to support the new
Software Assurance deal showed that support has a “very high
perceived value” among server customers. So now, depending on
the size of their licence agreement, Server Software Assurance
buyers will receive a number of free phone- or web site-supported
“incidents” for the term of the contract.
It makes Software Assurance a more compelling deal, and it
may even persuade customers that have stuck to piece-meal
procurement for some products to go for volume licensing
agreements in future, in order to receive the valuable extras now
bundled with it.
For more details on the Software Assurance Announcement and
how it applies across all volume licence agreements please visit:
www.microsoft.com/uk/licensing
WHERE NEXT?
Software Assurance
On 1 September 2003, Microsoft is making improvements
to Software Assurance. The three main benefits are:
Productivity
Software Assurance provides access to the latest
technology. Individuals also gain benefits such as
home use rights.
Support and Tools
Organisations gain access to Microsoft support profes-
sionals, resources and tools, and to problem resolu-
tion support.
Training
Provides access to many levels of training in both
instructor-led course and e-learning.
Licensing
18 FYITECHNOLOGY
Web services
NOTHiNG TO FEAR
Some developers may be shying away from web services believing them to beintricate and complex. But, says Ivo Salmre, Microsoft’s UK product managerfor .NET developer technology, that is not the case.
WHEN CAN A TECHNOLOGY BE CONSIDERED to have left the cutting edge and joined the IT mainstream? When the
ease of developing solutions with that technology far outweigh the costs of using it. So it is with web services today.
The name itself may need some explaining. ’Web’ sounds big and exposed to the world, and ’service’ would seem
to indicate something intricate and complex. In truth, a web service need be neither. Web services can be used to solve
internal and external information needs, and building the “service” often consists of putting an easy to build wrapper
on top of existing infrastructure. Consuming a web service can be even easier. Using today’s modern development tools
like Visual Studio .NET, a developer simply points to the web service they want to utilise, and the necessary code to
access that networked resource is auto-generated for them.
Just as web pages exposed data and applications to people
over the intranet or internet as HTML, so web services
expose services to other applications as XML. Web services
are about making it easy to connect applications to
information and processes.
The XML-based approach to building integrated
systems has been in the news for about two years now,
and won accolades from organisations that have used
them to greatly reduce the time required to build and tie
together applications using disparate components of
systems from within and without their organisations. Web
services are now reaching the critical mass of adoption
that brings wide scale change. Just as HTML and the inter-
net hit a critical take off point when the amount of useful
web sites passed a certain threshold, so too are web
services reaching this critical inflection point.
Many developers have been waiting for the tools and
utilities to arrive that will minimise the risk and
maximise the productivity gains from adopting web service
integration methods. Some IT professionals charged with
operations and maintenance tasks have been shy of intro-
ducing unfamiliar technology, fearing that it may pose new
challenges and complicate an already heavy workload. In
fact, web services offer few new challenges to systems
administrators who are already familiar with managing
internet sites (see box, Web services for administrators), and although
.NET technology does bring some new issues for developers, these are
not so great that they should dissuade them from taking the plunge
(see box, Web Services for Developers). The benefits are there.
Indeed, Ivo Salmre, Microsoft UK’s product manager for .NET
developer technology, believes that since last year with the release of
Visual Studio .NET 2000, web services have been more than ready
for the mainstream. Now with the release of Windows Server 2003
and an accompanying update tool update, Visual Studio 2003,
developers and IT professionals have even more reason to take the
web services plunge. Windows and Visual Studio were already good
platforms for building web services but in their latest releases “we
have added a lot of things that just make it altogether easier.
You no longer need 60 people each with a PhD to get into web
services,” says Salmre.
A key development for the mainstream community is that Visual
Studio and Windows now both come complete with the .NET
Framework, and so each share the common features needed to build
and deploy a web service. For instance, Windows Server now includes
Enterprise Universal Description, Discovery and Integration (UDDI)
Services for the fist time, making it an ideal platform from which to
both host and access web services. The web services elements of
Visual Studio 2003, meanwhile, have also been made easier to use,
Salmre claims, and enhanced by the addition of new device access
Web services for developers
If web services pose a challenge to any part of the IT community, it is to
applications developers. But while it does not mean abandoning or
radically changing any of the basic procedures or tools that developers
use today to build conventional applications, web services demand new
levels of planning and co-ordination between teams of developers. In
particular, says Salmre, “What developers need to do differently is to
think more about architecture.”
To some extent, the new emphasis that web services place on architec-
tural planning stems from the simplicity that they bring to making the
building blocks of complex systems. In this situation, where individual
developers are so personally empowered,there is a temptation for them
to go off and say: OK, leave me alone, I’m just going to build this thing,
and I don’t need any help from anyone else,” says Salmre.
This is great for the individual, but for a development team it can lead to
confusion. Individual developers need to work to common document
format templates, and common interface standards.
But similar problems have always existed. As with any rapid application
development (RAD) environment, the flip-side of increased programmer
productivity is the requirement for developers to take greater strategic
responsibility.
19June 2003
interfaces that will
take web services to
handhelds today and
even smartphones in
the near future.
One such
example of a very
rich, publicly hosted
web service is Microsoft MapPoint®, which offers graphical city
maps, driving directions and points of interest for users around
the world. Other public web services can be queried for on
Microsoft UDDI directory, http://uddi.microsoft.com. To some
extent, the scale and complexity of some high profile services
already built using web services technology may make the task
seem daunting to mainstream developers, as they believe that the
technology is primarily intended for major systems integration
projects. In fact, says Salmre, web service technology is as
appropriate to use for minor internal projects, such as connecting
a company phone directory to the human resources (HR)
database, as it is for tying together the disparate systems of
different trading partners or supplying live air traffic control
information.
While web services can certainly scale from small to very large
systems, large cross organisation projects, however, are probably
not for the first time user. If the intention is to expose a company’s
critical information and transaction systems to public access over
the web, there will be security and authorisation issues to resolve
which are not yet catered for under the Web Services Interoperability
Organization’s web services standards specifications. The end result
is that building large scale public web services requires extra work
on the part of the implementer to meet the necessary security and
reliability needs. Standards are expected over the next two years,
and tools and common infrastructure support will follow.
No such issues stand in the way of internal projects, or projects
that involve sharing web services between trusted partners. As a
toe in the water exercise, Salmre suggests, new web service
adopters might try integrating an application with a third party web
service from a vendor such as Microsoft
itself. The company’s MapPoint .NET host-
ed, programmable subscription service, for
example, aggregates geographic informa-
tion from a variety of suppliers, and makes
it available to anyone who would benefit
from adding maps to their application.
All that a developer needs, says
Salmre, is a basic grasp of how to use
simple object access protocol (SOAP) and
XML and a subscription to the service. After
that, programs that despatch delivery
orders or appointment details can make
the recipient’s life a lot easier, by automat-
ically including a map of the target address
or meeting location. As for the developers
themselves, he says, using MapPoint
may prove a painless way of pointing the
way towards even greater productivity
gains in future.
Web services for administrators
Microsoft’s message to IT professionals responsible for operations adminis-
tration and maintenance is a simple one: If you already understand how to
run a web site, you also understand how to deal with web services. “This
really is the same thing as administering a web service. So I say don’t worry
– you already have the knowledge and skills to do this,” says Salmre.
When running a web site, the principle issues centre on setting and
enforcing access control, user authentication and authorisation. The
same issues are posed by web services – the only difference is that now
administrators are managing dialogues between two applications, rather
than between an end user and an application. Many of the tools that
system administrators use today to manage web sites will essentially be
the same tools used to manage web services.
The only surprise may be the scale of the authorisation and control
policies required as web services proliferate in their systems, and the
unfamiliar origins of some of these requirements.
A likely source of new web services in the future will be Office 2003,
which contains a feature called Info Path™ that enables a web service to
be triggered from within a document in much the same way as hyper-
links can be embedded in documents. Using Info Path, for instance,
users may create expense claim forms containing a button that auto-
matically sends their finished document directly to a financial or human
resource application, rather than to an accounts worker.
Indeed, according to Salmre, web services offer IT professionals the
chance to make a bigger and more direct contribution to their organisa-
tion’s day-to-day business and to help streamline operations. “They
should be saying to their bosses: we should try using this web service to
do this thing. It’s not difficult and we have the skills to manage it
already,” he says.
Messaging...
Credit card processing...
View inventory levels
Order tracking
Currency convertor...
Search engine
Hotel reservation engine
Create streetmap
Stock price news feed...
Debit transaction service
File Edit Style Item
WEB SERVICES ECOSYSTEM
CLIENTS
TOO
LS
US
ER
EX
PE
RIE
NC
ES
AN
D S
OLU
TION
S
XML WEB SERVICES
INFRASTRUCTURE SERVERS, EG NETWORK OPERATORS
AUTHENTICATION SUBSCRIBER DBPERSONALIZATION
SMSMMSBILLING
VOICE CALLSDATA CALLS ETC.
left: Future web services in action?
Stuart Okin, chief security officer at Microsoft UK, responds toconcerns that a user has about using Microsoft security patches.
USER: SECURITY PATCHES SHOULD BE EASY TO FIND
First, I want to say that I've recently recovered from being
“slammed”, and I'm fed up. The experience has left me feeling
that utilising Microsoft maintenance patches is too difficult and
too time consuming, and left me asking questions such as: “Why
is it so difficult to find the right patch?; Why do I need to have to
reboot after implementing some patches?; Why do I have to
install one patch before I can install another?”
Also, I don’t mind putting up with a few bugs, but when I do
find them I want Microsoft to make my life easier when it comes
to fixing them. I want a tool that makes it easier to find the right
patch for every Microsoft product. It should be easy to use, GUI-
based, and it should be able to find exactly what I need without
having to spend hours searching web notice boards.
STUART OKIN, CHIEF SECURITY OFFICER MICROSOFT UK
The Slammer worm was another example of a damaging cybercrime,
and we appreciate all the efforts made by operational staff around
the world to protect their systems from this attack. We actually
brought out the original fix for the vulnerability exploited by Slammer
last July. In the last year, we have made huge efforts to improve the
communication about releases of new patches, and you can register
at www.microsoft.com/security to receive the alerts.
Microsoft has also worked on improving the level of detail on the
alerts and of course the quality of patches, which also means reduc-
ing, where we can, the requirement to reboot. Microsoft regularly
releases cumulative patches that pull together all patches for a spe-
cific system to make it easier for customers to build a secure solution.
However, there is still much to do. We need to reduce the patch
installers so that all Microsoft software can benefit from a single
update site. The ultimate aim is to produce a truly self-healing system.
We also pull all the required security patches together into
service packs, and on a regular basis into cumulative patches.
However, there will be situations when individual patches are
required for specific vulnerabilities, but we feel that our customers
would prefer to be safe than waiting for a cumulative patch or
service pack.
USER: PATCHES SHOULD BE EASY TO INSTALL
Once I have identified the right patch, it should be simple to
install, and I don't want to have to install multiple patches to fix
multiple problems. If I install an operating system for instance, all
I should have to install is the product, the latest service pack, and
one patch that installs all the latest patches simultaneously.
STUART OKIN: PRODUCT INSTALLATION
In terms of product installation, Microsoft has brought out a
number of systems to aid customers in deploying patches, these
include Automatic Update for Windows, Software Update Services
and, later this year, SMS version 3. We also offer services in
conjunction with our partners – Microsoft Solution Management –
which takes customers through a patch management lifecycle. This
is based on industry-recognised standards (IT Infrastructure Library
– ITIL) for managing critical systems.
Last year, Microsoft released Baseline Security Analyser (MBSA).
MBSA provides a GUI-based analysis of your desktop or server, iden-
tifying not only patch requirements, but also potential configuration
changes in applications such as Windows Office and IE.
USER: USING EVALUATION COPIES ON MICROSOFT SOFTWARE
Also, when will I be able to use patches on evaluation copies of
Microsoft software? I understand why Microsoft has a policy that
forbids this, and I know that in theory I should not be running
evaluation software with production systems. But in the real
world, sometimes the only way to properly evaluate software is
in conjunction with production systems, and as things stand,
whenever I do that Microsoft forces me to make my systems
vulnerable because I cannot secure them with the correct patch.
STUART OKIN: PRODUCT EVALUATION
In response to your concerns about using patches on evaluation
copies, Microsoft invests in a variety of programmes that allows
customers to evaluate beta software versions with full Microsoft
support and build updates. It is true that evaluation software of
released products is not always updated to reflect the latest
security patches – a decision we took because, as you quite
rightly point out, the software is not recommended for a live
environment and therefore the impact is restricted. However, where
the virus is significant, such as the recent Slammer virus, we have
destroyed all SQL evaluation software and replaced it with
protected copies.
To find out more about the products and services Microsoft offers to
IT administrators, please visit www.microsoft.com/security
What’s your opinion? Or do you have a “rant” of your own that you would like Microsoft torespond to? Go to www.microsoft.com/uk/fyitechnology to share you thoughts.
<<
<<
SE
CU
RIT
Y P
ATC
HE
S<
<<
<<
<<
<
THE RANT
